The Steganographic Filesystem (GNU/Linux)

What is steganography?

Steganography is the clever technique of concealing sensitive data in such a way that not even the existence of the files can be proved.

What’s available today as “secure” filesystems are encrypted and cryptographic filesystems, or normal filesystems that support encryption or cryptography. But even then, are these files completely secure? Even though a file is encrypted, whoever takes a look at the filesystem can see that it is there, although they cannot read it. This means an intruder knows the name and location of the file and can guess how valuable or sensitive the information is. Once he gets the password right (he may obtain it illegally or torture the user into giving it up), the whole file, and with it the sensitive information, is revealed!

The steganographic filesystem, on the other hand, goes one step further and does not even show the existence of protected or sensitive information. The presence of these hidden files is not revealed even when raw sectors of the hard disc are accessed. You can plausibly deny the existence of sensitive files on your hard disc drive. In fact, you can store your valuable information on a computer placed among a group of computers (e.g. an internet café) so that it is even more difficult for the intruder to get anywhere near your protected data.

Steganographic file systems are a kind of file system first proposed by Ross Anderson, Roger Needham, and Adi Shamir. Their paper proposed two main methods of hiding data. In the first, data is hidden in a series of fixed-size files that originally consist of random bits, on top of which 'vectors' can be superimposed in such a way that each level of security can decrypt all lower levels but does not even know of the existence of any higher levels. In the second, an entire partition is filled with random bits and files are hidden in it.

In a steganographic file system using the second scheme, files are not merely stored, nor stored encrypted, but the entire partition is randomized. Encrypted files strongly resemble randomized sections of the partition, so when files are stored on the partition there is no easy way to distinguish meaningless gibberish from the actual encrypted files. Furthermore, the locations of files are derived from the key for the files, and the locations are hidden and available only to programs that have the passphrase. This leads to the problem that files can very quickly overwrite each other (because of the Birthday Paradox); this is compensated for by writing all files in multiple places to lessen the chance of data loss.
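The second scheme can be modelled in a few lines. The following is an added example, not code from Rubberhose or from the Anderson, Needham and Shamir paper: a toy store whose slot locations are derived from the file key, with each block written to several slots so that birthday collisions between files do not destroy data. The names `StegStore` and `survival_rate`, the slot sizes and the XOR pad cipher are assumptions made for illustration.

```python
import hashlib, hmac, os

BLOCK, TAG = 32, 8   # payload bytes per slot, truncated-MAC bytes (toy sizes)

def prf(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

class StegStore:
    """Toy model of the random-filled partition scheme, not a real filesystem."""
    def __init__(self, n_slots, replicas):
        self.n, self.r = n_slots, replicas
        # Every slot starts as random bytes, so used and unused slots look alike.
        self.disk = [os.urandom(BLOCK + TAG) for _ in range(n_slots)]

    def slot(self, key, i, rep):
        # The location depends only on the key; no directory is stored on disk.
        return int.from_bytes(prf(key, b"loc%d/%d" % (i, rep)), "big") % self.n

    def crypt(self, key, i, buf):
        # XOR with a per-block pad (toy cipher; a real design uses a vetted one).
        return bytes(a ^ b for a, b in zip(buf, prf(key, b"pad%d" % i)))

    def write(self, key, data):
        for i in range(-(-len(data) // BLOCK)):
            ct = self.crypt(key, i, data[i * BLOCK:(i + 1) * BLOCK].ljust(BLOCK, b"\0"))
            blob = ct + prf(key, b"tag%d" % i + ct)[:TAG]
            for rep in range(self.r):          # same block stored in r places
                self.disk[self.slot(key, i, rep)] = blob

    def read(self, key, length):
        out = b""
        for i in range(-(-length // BLOCK)):
            for rep in range(self.r):
                blob = self.disk[self.slot(key, i, rep)]
                ct, tag = blob[:BLOCK], blob[BLOCK:]
                if hmac.compare_digest(tag, prf(key, b"tag%d" % i + ct)[:TAG]):
                    out += self.crypt(key, i, ct)
                    break                      # first intact replica wins
            else:
                return None                    # all replicas lost, or wrong key
        return out[:length]

def survival_rate(n_slots, replicas, n_files=100, size=256):
    """Fraction of files still readable after all were written in sequence."""
    store = StegStore(n_slots, replicas)
    files = [(os.urandom(16), os.urandom(size)) for _ in range(n_files)]
    for key, data in files:
        store.write(key, data)
    return sum(store.read(k, size) == d for k, d in files) / n_files
```

Comparing `survival_rate(8192, 1)` with `survival_rate(8192, 4)` shows the trade-off: a single copy per block loses a noticeable share of files to collisions, while four copies recover almost all of them at the cost of filling the partition four times faster.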

 

Some popular implementations for GNU/Linux or FreeBSD:

 

 

  • Rubberhose - by [email address protected], Ralf P. Weinmann and Suelette Dreyfus

 

Use at your own risk! :)

Last modified on Thursday, 07 August 2014 09:07